VYPR
Low severity3.7NVD Advisory· Published Apr 30, 2018· Updated Jun 17, 2026

CVE-2017-2591

CVE-2017-2591

Description

389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An authenticated, or possibly unauthenticated, attacker could use this flaw to force an out-of-bound heap memory read, possibly triggering a crash of the LDAP service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • unspecified/389-ds-basev5
    Range: 389-ds-base 1.3.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.